view counter

Considered opinionBreaking nuclear deal could bring hacking onslaught from Iran

By Eric Geller

Published 26 September 2017

If the Trump administration discarded the nuclear deal with Iran, Tehran could retaliate quickly – and inflict considerable damage – by unleashing its increasingly aggressive Iranian hacker army. Cyber-experts who track Tehran’s hackers warn that the attacks might target U.S. power plants, hospitals, airports, and other components of the country’s critical infrastructure. Iran’s current hacking against Western targets is limited almost entirely to commercial espionage and dissident surveillance, but Teheran could quickly redirect its efforts in the event of a rupture of the nuclear pact.

If the Trump administration discarded the nuclear deal with Iran, Tehran could retaliate quickly – and inflict considerable damage – by unleashing its increasingly aggressive Iranian hacker army.

Eric Geller writes in Politico that cyber-experts who track Tehran’s hackers warn that the attacks might target U.S. power plants, hospitals, airports, and other components of the country’s critical infrastructure. Iran’s current hacking against Western targets is limited almost entirely to commercial espionage and dissident surveillance, but Teheran could quickly redirect its efforts in the event of a rupture of the nuclear pact.

Geller writes:

Iran has spent years honing its digital skills through cyber campaigns that have pummeled regional adversaries, stolen trade secrets from foreign competitors and destroyed computers at the oil giant Saudi Aramco.And initially, the country also aimed its cyber forces at the U.S., launching a barrage of distracting attacks on the financial sector and even successfully infiltrating a dam in New York state.

But after the U.S. and six partners began discussions with Iran in 2013 to lift some economic sanctions in exchange for limits on Tehran’s nuclear program, the country’s hackers have largely spared the U.S., focusing instead on industrial espionage and hitting rival Middle Eastern powers.

Cyber experts say that would change if Trump and Congress abandon the nuclear agreement, which freed up roughly $100 billion in frozen Iranian assets after taking effect in 2015. Trump has strongly hinted he wants to ax the deal, telling the United Nations General Assembly last week that it was “one of the worst and most one-sided transactions the United States has ever entered into” and later saying he had already made up his mind on the issue.

“I personally think they’ll double down their efforts and we’ll start to see a lot more attacks,” said Stuart McClure, the CEO of security firm Cylance, which revealed one of Iran’s most pervasive hacking groups in 2014. “And we’ll probably see a lot more sophisticated attacks.”

Iranian hackers are not as skilled as those in Russia and China, but they are rapidly improving, experts say. And even if the country cannot develop certain digital tools itself, it can always buy them from Russia, China or the black market.

“They’re plenty good enough to cause a lot of difficulty,” said Ben Read, head of cyber espionage analysis at FireEye.

….

The one thing that might keep Iran’s hackers at bay if the deal falls apart would be the regime’s contentment to “stand back and enjoy watching the rest of the world turn against the U.S.,” said George Perkovich, vice president for studies at the Carnegie Endowment for International Peace, where he researches nuclear and cyber issues. Other signatories of the pact have already warned the U.S. against abrogating its terms.

Regardless, Tehran will be frustrated if the U.S. breaks the agreement, and experts agree the country’s digital warriors can help the regime project influence wherever it chooses to do so.

“We are very concerned and keeping close watch on what kinds of things might manifest against Western targets if that deal falls apart,” said [Adam] Meyers [vice president of intelligence at the cybersecurity firm CrowdStrike.]

Read the full article: Eric Geller, “Breaking nuclear deal could bring hacking onslaught from Iran,” Politico (24 September 2017)